This is my submission for a fix to the buffer overflow
described in bug #1104539.

Changes src/sdl/SDL.cpp. It checks the size of the file
name and aborts if it is 'too large' for the buffer. I
have chosen 1024 as the maximum file name size, and the
buffer remains at 2048 bytes.

Patched against today's CVS. From the top level
VisualBoyAdvance directory apply as follows:

    patch < overflow.patch

then tested with:

    src/sdl/VisualBoyAdvance `perl -e'print "A"x2043'`
    src/sdl/VisualBoyAdvance `perl -e'print "A"x2043'`.gba

Previously these gave:

    Unknown file type AAAA....
    Error opening image AAAA....

This is a quick fix that seems reasonable. The right
way to do this would be to use a stream instead of
sprintf-ing to a buffer, but the systemMessage function
is used in a lot of places (i.e. lots of changes) and,
more importantly, there isn't any other stream usage in
the code, so I wondered if it was a policy not to use
too many C++ libraries. Any comments?
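
Added example (not VisualBoyAdvance code and not part of the submitted patch): the file name length check described above, next to a bounded `vsnprintf` formatter that truncates instead of overrunning the buffer the way `sprintf` can. All function names are hypothetical; the 2048 and 1024 sizes and the 2043-byte test input are the ones given in the post.

```cpp
// Added example; every name here is hypothetical, not from the project.
#include <cstdarg>
#include <cstdio>
#include <cstring>
#include <string>

static const size_t kMsgBufSize = 2048;   // buffer size stated in the post
static const size_t kMaxFileName = 1024;  // file name limit chosen in the post

// The check the post describes: refuse file names too large for the buffer.
bool file_name_fits(const char *name) {
    return name != nullptr && std::strlen(name) <= kMaxFileName;
}

// Bounded formatter: vsnprintf writes at most kMsgBufSize bytes including
// the terminator, so an oversized argument is cut short, never overrun.
// *truncated (if non-null) reports whether the output had to be cut.
std::string format_message(bool *truncated, const char *fmt, ...) {
    char buf[kMsgBufSize];
    va_list ap;
    va_start(ap, fmt);
    int n = std::vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    if (n < 0) {  // formatting error: return nothing rather than garbage
        if (truncated) *truncated = false;
        return std::string();
    }
    if (truncated) *truncated = static_cast<size_t>(n) >= sizeof buf;
    return std::string(buf);
}

// Caller using both layers: reject early, otherwise format the report.
std::string open_image_report(const char *name) {
    if (!file_name_fits(name))
        return "File name too long";
    bool cut = false;
    return format_message(&cut, "Error opening image %s", name);
}

int main() {
    std::string big(2043, 'A');  // same length as the post's test input
    std::puts(open_image_report(big.c_str()).c_str());
    std::puts(open_image_report("game.gba").c_str());
    return 0;
}
```

The bounded formatter protects every caller of the message routine, while the length check alone protects only the call sites that remember to use it.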